A C++/Asm template for PIC/EXE/DLL malware
☆25Aug 12, 2025Updated 9 months ago
Alternatives and similar repositories for Imperium
Users that are interested in Imperium are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Modular Shellcode Loader in C++☆10Apr 14, 2026Updated last month
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆45Nov 4, 2025Updated 6 months ago
- Extra cmdlets to help with quering security related information from Azure☆15Sep 16, 2024Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆82Jul 25, 2025Updated 9 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Command Augmentation support for BOFs and .NET assemblies across agents☆45May 6, 2026Updated 2 weeks ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆23Feb 10, 2024Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆18Mar 4, 2023Updated 3 years ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 8 months ago
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- Repository to gather the .NET malware I will be developing☆18Mar 7, 2026Updated 2 months ago
- ☆59Feb 19, 2026Updated 3 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- shell code example☆69Dec 12, 2025Updated 5 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 8 months ago
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 10 months ago
- ☆24Sep 6, 2025Updated 8 months ago
- Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method…☆22May 14, 2026Updated last week
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆62Mar 17, 2025Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 3 years ago
- Malware?☆76Oct 26, 2025Updated 6 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆38Aug 31, 2025Updated 8 months ago
- Mass target enumeration☆32Apr 3, 2021Updated 5 years ago
- A Windows PE loader / manual mapper for executables (x86 and x64) with full TLS (Thread Local Storage) support.☆99Oct 27, 2025Updated 6 months ago
- A dotnet executable to get an Entra token in an authenticated runtime☆17Oct 30, 2024Updated last year
- A simple parser(library) which extracts shimcache data from windows.☆16May 20, 2019Updated 7 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆27Sep 15, 2023Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆107Feb 25, 2025Updated last year
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Aug 11, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Encodes a payload within a generated mock-CSS file☆59Sep 18, 2023Updated 2 years ago
- Collection of red team techniques.☆70Apr 25, 2025Updated last year
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 10 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated last year
- ☆43Feb 18, 2025Updated last year
- Windows kernel driver that detects hypervisors by probing SIDT/LIDT edge cases, paging/TLB behaviors, privilege transitions, and timing e…☆45Mar 3, 2026Updated 2 months ago